Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          bd9nKembYYbazZe8dP/jWVvQLn1MMaNqARxgyT1W1ls=
Subject key identifier:   A2:C2:EE:DC:3D:33:16:DA:B3:FF:13:03:F1:E8:E2:60:A6:60:3B:20
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019A5150A6867138B8968975B3E4C3A5ACBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          0860
Signing time:             Wed 05 Nov 2025 00:00:31 +0000
Manifest this update:     Wed 05 Nov 2025 00:00:31 +0000
Manifest next update:     Thu 06 Nov 2025 00:00:31 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: 5ABVoBX25aOX3n1VcBn0I4c5fvm5FQ6Pni8bXDgl7z0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 00:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:51:50:a6:86:71:38:b8:96:89:75:b3:e4:c3:a5:ac:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Nov  5 00:00:31 2025 GMT
            Not After : Nov  6 00:00:31 2025 GMT
        Subject: CN=a2c2eedc3d3316dab3ff1303f1e8e260a6603b20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:4f:24:4c:62:ca:ca:02:4e:f1:ca:86:7e:34:
                    8b:1a:71:17:57:74:96:6c:58:dd:dd:b9:bd:45:1f:
                    b3:14:77:4e:d2:74:cf:1d:7b:75:c3:42:16:66:44:
                    4a:6d:b6:5b:65:2b:78:55:b5:c3:9e:7b:fc:7d:ec:
                    81:07:79:ed:24:6c:65:89:7a:51:5b:2e:8c:c1:75:
                    d2:8b:44:0a:d4:aa:3d:d8:f4:52:4c:a6:d1:94:1b:
                    ca:62:24:99:d5:8c:c8:4b:3f:e1:bd:76:22:21:f4:
                    26:0d:98:0d:aa:c5:82:1b:d4:27:22:6e:a4:6b:77:
                    ff:9d:29:f1:57:6c:a3:a4:b0:8f:31:e2:74:a9:b3:
                    a4:d4:bd:86:c9:23:27:b5:40:df:c9:85:8e:fa:63:
                    86:76:f3:58:e8:4b:52:7e:84:b9:90:2a:e5:1c:af:
                    cf:bb:bc:c4:a2:60:ca:0e:a7:98:2f:2e:b5:4a:a6:
                    e0:45:ca:b1:24:c3:d5:bd:4c:da:4d:e1:e0:f6:11:
                    b8:ab:df:37:25:13:13:ba:43:85:41:9d:d5:a4:37:
                    29:fe:cd:4c:a6:b1:4d:33:5b:f1:4b:94:7d:a4:dd:
                    5f:7c:3b:1e:f2:9a:44:26:b4:a9:ce:72:b7:09:77:
                    a0:85:aa:35:0a:d8:48:1e:82:6d:aa:a2:d0:a4:13:
                    a7:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:C2:EE:DC:3D:33:16:DA:B3:FF:13:03:F1:E8:E2:60:A6:60:3B:20
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:e0:b0:c5:59:96:65:a5:8c:ff:8e:b9:c1:7c:66:e5:62:53:
         33:e8:8b:2c:9e:cd:f3:3d:ac:99:d4:c8:dc:9b:4b:ef:3b:0f:
         58:94:f5:5d:f9:dc:de:f9:2f:c7:c5:7f:68:7a:1b:3f:ed:e4:
         6c:25:34:da:7e:e4:36:43:9c:c2:9a:0d:6d:ec:2c:76:af:ee:
         8f:10:44:ca:f7:ce:30:e7:41:41:9c:1d:f7:75:22:ba:be:a4:
         8e:4a:7f:72:c6:88:41:5b:51:90:6d:0e:fe:00:42:71:52:e1:
         fc:dc:d8:17:57:47:0f:4b:f3:12:bd:7c:87:08:ee:4e:84:4f:
         2b:6e:ab:e7:ec:85:58:c9:72:f9:b9:27:00:7b:c4:4e:86:26:
         b5:4a:77:bd:d8:59:0e:2e:97:18:8c:98:f1:c1:af:ec:25:a0:
         32:f7:e1:d2:1a:5b:74:b4:9a:ef:3e:a2:24:bc:e8:ef:cc:b6:
         6a:1f:20:0b:ab:1d:87:b2:42:e9:4a:70:43:92:3d:04:7f:11:
         fa:a7:44:4f:86:c3:85:15:b4:fb:81:c4:dc:15:2e:a5:47:a4:
         ed:2a:8f:0f:c2:ea:57:97:56:af:f4:22:7a:3c:7d:b9:fd:86:
         23:bd:f1:2e:ac:60:87:e0:26:91:c3:2c:e0:b7:31:58:10:2e:
         3c:8c:37:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUKaGcTi4lol1s+TDpay9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUxMTA1MDAwMDMxWhcNMjUxMTA2MDAwMDMxWjAzMTEwLwYDVQQD
EyhhMmMyZWVkYzNkMzMxNmRhYjNmZjEzMDNmMWU4ZTI2MGE2NjAzYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj08kTGLKygJO8cqGfjSLGnEXV3SW
bFjd3bm9RR+zFHdO0nTPHXt1w0IWZkRKbbZbZSt4VbXDnnv8feyBB3ntJGxliXpR
Wy6MwXXSi0QK1Ko92PRSTKbRlBvKYiSZ1YzISz/hvXYiIfQmDZgNqsWCG9QnIm6k
a3f/nSnxV2yjpLCPMeJ0qbOk1L2GySMntUDfyYWO+mOGdvNY6EtSfoS5kCrlHK/P
u7zEomDKDqeYLy61SqbgRcqxJMPVvUzaTeHg9hG4q983JRMTukOFQZ3VpDcp/s1M
prFNM1vxS5R9pN1ffDse8ppEJrSpznK3CXeghao1CthIHoJtqqLQpBOnqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKLC7tw9Mxbas/8TA/Ho4mCmYDsgMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+CwxVmW
ZaWM/465wXxm5WJTM+iLLJ7N8z2smdTI3JtL7zsPWJT1Xfnc3vkvx8V/aHobP+3k
bCU02n7kNkOcwpoNbewsdq/ujxBEyvfOMOdBQZwd93Uiur6kjkp/csaIQVtRkG0O
/gBCcVLh/NzYF1dHD0vzEr18hwjuToRPK26r5+yFWMly+bknAHvEToYmtUp3vdhZ
Di6XGIyY8cGv7CWgMvfh0hpbdLSa7z6iJLzo78y2ah8gC6sdh7JC6UpwQ5I9BH8R
+qdET4bDhRW0+4HE3BUupUek7SqPD8LqV5dWr/Qiejx9uf2GI73xLqxgh+AmkcMs
4LcxWBAuPIw3/Q==
-----END CERTIFICATE-----